Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
File: d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa (raw, json)
Hash identifier: gI1SmvLrB7fO3BU7+f8/dxs9CDTTr1jkPotaHCfbD/s=
Subject key identifier: CD:5A:FA:D3:6B:EF:23:43:74:20:0D:77:B4:61:00:FD:3B:B3:0D:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 357A08429C68C69D942441FA372FEF74D57F1674
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
Signing time: Mon 04 May 2026 15:30:38 +0000
ROA not before: Mon 04 May 2026 15:30:38 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:7a:08:42:9c:68:c6:9d:94:24:41:fa:37:2f:ef:74:d5:7f:16:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:38 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=539b0f794e31ecaaa04c14059674a80d2c897d1e6bead42ca4d831b3ff8c78c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ac:f2:29:a4:f4:0e:d1:15:8a:c1:b3:c1:92:
74:76:ca:25:fd:5a:5a:cf:5f:7b:fd:82:04:7e:aa:
50:36:e3:ad:a9:24:c4:1c:92:70:c5:da:5f:de:ec:
8a:33:03:ed:29:70:f8:c8:b7:06:3f:d6:d8:2e:7f:
65:ec:84:20:36:a2:21:bf:3d:13:9e:45:29:94:59:
6d:4c:df:39:69:98:df:1d:4a:e2:94:f3:e6:c3:e2:
2a:e8:98:1d:bb:7e:e6:0c:7e:68:84:c2:fa:78:3d:
62:06:29:cf:96:a4:54:9a:d9:a5:14:bb:77:82:5a:
02:79:63:e2:ed:51:96:13:a0:f2:07:b0:6d:1c:da:
a4:27:c9:9f:23:7b:f0:54:5a:c8:39:08:e9:bb:a9:
23:cc:d0:fc:9c:e4:55:be:6c:c3:e1:cf:39:6f:e8:
b8:58:5a:4b:25:bb:ae:c4:d4:a0:9c:ed:88:b4:89:
bd:44:f8:e4:bb:53:c4:fd:ed:0a:d5:ce:0a:fa:8e:
f8:28:70:80:04:f9:4f:5d:69:93:85:d4:87:e8:0b:
47:1c:4b:a2:ae:7e:4e:60:da:64:96:a9:b3:d8:7c:
40:43:79:5a:98:0b:22:97:26:d1:f2:1b:ca:d7:84:
69:41:e5:df:84:a2:40:50:d5:d7:1d:37:cf:0a:cc:
99:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:5A:FA:D3:6B:EF:23:43:74:20:0D:77:B4:61:00:FD:3B:B3:0D:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c040::/46
Signature Algorithm: sha256WithRSAEncryption
6c:b9:fc:58:55:9b:69:df:f3:5d:ac:f5:b3:fd:fe:8a:11:c2:
ba:23:c4:47:7f:68:97:80:01:58:17:90:7d:23:09:ff:9f:0f:
95:75:29:a4:e9:4f:db:08:58:25:26:da:66:70:cf:a5:6f:e8:
47:6f:4f:74:83:7e:66:27:f2:76:c3:45:d5:c6:2e:ea:bc:d3:
71:fe:f5:41:fe:90:18:1d:60:53:08:14:20:06:e1:6f:14:84:
17:7a:0a:40:db:c9:f7:c0:21:cc:d7:2f:e2:d0:96:21:fc:d8:
96:48:a8:e3:00:10:4b:eb:33:89:48:82:d6:ce:0b:12:ac:2d:
63:6e:66:f2:41:11:20:ee:b4:4f:1e:fd:8c:7f:7b:9b:e3:f3:
7f:42:69:1f:16:60:d3:a6:ce:01:16:af:f9:86:30:6f:34:7c:
74:9b:87:6c:a6:69:07:ff:64:3f:c6:12:62:a5:a9:dd:e3:46:
69:38:2f:3e:16:96:3e:fe:9e:92:f0:af:6b:18:c0:f9:9a:97:
d8:4f:de:49:93:10:88:60:b7:9d:e8:fa:80:45:5e:82:fb:92:
ca:f7:b9:78:85:1a:89:8f:44:e2:77:86:0b:2d:1a:4b:6b:f9:
38:23:f8:2d:59:60:3c:8f:c9:2b:0f:80:29:6d:24:71:a7:fe:
48:93:98:76
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNXoIQpxoxp2UJEH6Ny/vdNV/FnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMzhaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzOWIwZjc5NGUzMWVjYWFhMDRjMTQwNTk2NzRhODBkMmM4OTdkMWU2YmVh
ZDQyY2E0ZDgzMWIzZmY4Yzc4YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+s8imk9A7RFYrBs8GSdHbKJf1aWs9fe/2CBH6qUDbjrakkxByScMXaX97s
ijMD7Slw+Mi3Bj/W2C5/ZeyEIDaiIb89E55FKZRZbUzfOWmY3x1K4pTz5sPiKuiY
Hbt+5gx+aITC+ng9YgYpz5akVJrZpRS7d4JaAnlj4u1RlhOg8gewbRzapCfJnyN7
8FRayDkI6bupI8zQ/JzkVb5sw+HPOW/ouFhaSyW7rsTUoJztiLSJvUT45LtTxP3t
CtXOCvqO+ChwgAT5T11pk4XUh+gLRxxLoq5+TmDaZJaps9h8QEN5WpgLIpcm0fIb
yteEaUHl34SiQFDV1x03zwrMmfsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTNWvrT
a+8jQ3QgDXe0YQD9O7MNODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFjMDFjOTItNGEyZS00MGM4LTliNzItZTY1M2FjOTg5NmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPA
QDANBgkqhkiG9w0BAQsFAAOCAQEAbLn8WFWbad/zXaz1s/3+ihHCuiPER39ol4AB
WBeQfSMJ/58PlXUppOlP2whYJSbaZnDPpW/oR29PdIN+ZifydsNF1cYu6rzTcf71
Qf6QGB1gUwgUIAbhbxSEF3oKQNvJ98AhzNcv4tCWIfzYlkio4wAQS+sziUiC1s4L
EqwtY25m8kERIO60Tx79jH97m+Pzf0JpHxZg06bOARav+YYwbzR8dJuHbKZpB/9k
P8YSYqWp3eNGaTgvPhaWPv6ekvCvaxjA+ZqX2E/eSZMQiGC3nej6gEVegvuSyve5
eIUaiY9E4neGCy0aS2v5OCP4LVlgPI/JKw+AKW0kcaf+SJOYdg==
-----END CERTIFICATE-----
Generated at Wed May 13 00:45:44 2026 by rpki-client